<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/meta-security.git/meta-tpm/recipes-tpm2/tpm2-tools, branch dunfell-next</title>
<subtitle>Mirror of git.yoctoproject.org/meta-security.git</subtitle>
<id>https://git.enea.com/cgit/linux/meta-security.git/atom?h=dunfell-next</id>
<link rel='self' href='https://git.enea.com/cgit/linux/meta-security.git/atom?h=dunfell-next'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/'/>
<updated>2022-03-17T15:05:50+00:00</updated>
<entry>
<title>tpm2-tools: update to 4.1.3</title>
<updated>2022-03-17T15:05:50+00:00</updated>
<author>
<name>Ralph Siemsen</name>
<email>ralph.siemsen@linaro.org</email>
</author>
<published>2022-03-15T16:23:41+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=91730c85bb99417053f78a123be7591109499666'/>
<id>urn:sha1:91730c85bb99417053f78a123be7591109499666</id>
<content type='text'>
Minor version bump from 4.1.1 to 4.1.3, containing two fixes:

4.1.3 - 2020-06-02
* tpm2_create: Fix issue with userauth attribute being cleared if
policy is specified.

4.1.2 - 2020-05-18
* Fix missing handle maps for ESY3 handle breaks. See #1994.
  https://github.com/tpm2-software/tpm2-tools/pull/1994

Details of changes
https://github.com/tpm2-software/tpm2-tools/commits/4.1.X

Signed-off-by: Ralph Siemsen &lt;ralph.siemsen@linaro.org&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>tpm2-tools: backport fix for CVE-2021-3565</title>
<updated>2022-03-17T15:05:36+00:00</updated>
<author>
<name>Ralph Siemsen</name>
<email>ralph.siemsen@linaro.org</email>
</author>
<published>2022-03-15T16:08:27+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=de4e7fced9f735f3c25277de38cde8454b97b28e'/>
<id>urn:sha1:de4e7fced9f735f3c25277de38cde8454b97b28e</id>
<content type='text'>
tpm2_import used a fixed AES key for the inner wrapper, which means that
a MITM attack would be able to unwrap the imported key. Even the
use of an encrypted session will not prevent this. The TPM only
encrypts the first parameter which is the fixed symmetric key.

To fix this, ensure the key size is 16 bytes or bigger and use
OpenSSL to generate a secure random AES key.

Upstream commit (with offset adjusted)
https://github.com/tpm2-software/tpm2-tools/commit/c069e4f179d5e6653a84fb236816c375dca82515

Signed-off-by: Ralph Siemsen &lt;ralph.siemsen@linaro.org&gt;
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>tpm2-tools: update to 4.1.1</title>
<updated>2020-02-11T03:13:52+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2020-02-02T19:29:46+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=f2e9e8f96f5a360ecfefa746842214891fd3bd33'/>
<id>urn:sha1:f2e9e8f96f5a360ecfefa746842214891fd3bd33</id>
<content type='text'>
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>tpm2-tools: update to 4.0.1</title>
<updated>2019-12-06T02:00:46+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2019-12-02T05:04:32+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=d49f7025803a3c2dfe31ddb9cb03960df72190d8'/>
<id>urn:sha1:d49f7025803a3c2dfe31ddb9cb03960df72190d8</id>
<content type='text'>
LIC_FILES_CHKSUM added new copyrights

Migrate to https d/l from git clone

Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>tpm2-tools: update to 3.2.0</title>
<updated>2019-06-26T22:47:47+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2019-06-23T17:37:58+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=1a02980de6d8243b59d5b5b20359d220decacd2b'/>
<id>urn:sha1:1a02980de6d8243b59d5b5b20359d220decacd2b</id>
<content type='text'>
Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>tpm2.0 prefix: rename to tpm2 take2</title>
<updated>2019-03-26T05:33:22+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2019-03-24T21:35:26+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=83c47bed13e72edea40bbc82876dcb5b61c19093'/>
<id>urn:sha1:83c47bed13e72edea40bbc82876dcb5b61c19093</id>
<content type='text'>
v1 was commited. This is the additional changes.

Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
<entry>
<title>tpm2.0 prefix: rename to tpm2</title>
<updated>2019-03-23T16:49:59+00:00</updated>
<author>
<name>Armin Kuster</name>
<email>akuster808@gmail.com</email>
</author>
<published>2019-03-23T15:15:53+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-security.git/commit/?id=29e847feb3f2d72e718c03cc020b52907e90d31a'/>
<id>urn:sha1:29e847feb3f2d72e718c03cc020b52907e90d31a</id>
<content type='text'>
this aligns with the rest of the tpm2 recipes

Signed-off-by: Armin Kuster &lt;akuster808@gmail.com&gt;
</content>
</entry>
</feed>
